Fake bank Web site scam reaches U.S.
IDG News Service -
Bank of America Corp. has warned its customers to be aware of a scam that attempts to get them to log into a fake Web site that then captures their personal financial details.
The scam was attempted recently via e-mail and is similar to ones recently perpetrated in Australia on Commonwealth Bank, Westpac Bank, and Australia and New Zealand (ANZ) Bank.
The fraud works by sending a spoof e-mail to bank customers asking them to click on a link to a fake site resembling the real bank site, where customers are asked for their account name and password. Fewer than 75 customer accounts were compromised in the latest scam; the bank has helped those customers change their passwords and protect their accounts. The fraudulent site was shut down within 13 hours, and details about the e-mail distribution and its source are under investigation, Bank of America said.
Bank of America urged its customers to take precautions when making transactions online, including the following:
- Review a Web site's URL to check its legitimacy, seeing whether the spelling is correct or appears suspicious.
- Be careful before providing personal information, Social Security numbers, and account or credit card information over the telephone, in person or on the Internet.
- Notify the bank of suspicious phone or e-mail inquiries, such as those asking for account information to verify a statement or award prizes.
The Australian scams also failed to cause any serious damage, with only 50 customers at ANZ needing their accounts set up again.
A wider form of online bank fraud proliferating worldwide is "419," or advance-fee scams, which are perpetrated by Nigerian gangs who have set up several dozen fake bank Web sites that have no relation to any actual bank. In this scam, the gangs use e-mail to try to persuade victims to help them make multimillion-dollar transfers out of Nigeria in return for a percentage of the money (see story).
Victims are encouraged to set up an online bank account with the fake bank, where the money duly appears. The victim is then asked to pay the fraudsters some fake charges or taxes by another method such as Western Union, at which point their account at the fake bank disappears.
These fake bank sites are operated freely in Amsterdam, giving the fake bank credibility it wouldn't have if it were based in Nigeria, according to a group that monitors these frauds. "When the crime crosses borders, the police of other nations [apart from Nigeria] have a chance to get involved. But anecdotal evidence suggeststhat this is rare," the Chaos Project antifraud group wrote in an advisory. "The authorities in some countries place a fiscal limit on getting involved -- you have to have lost quite a lot of money before they will bother investigating."
The antifraud Web site Scamorama and other security organizations have compiled lists of over 50 fake banks set up and used by the Nigerian 419 fraudsters. A partial list is available online.
Reprinted with permission from
Story copyright 2009 International Data Group. All rights reserved.
Cybercrime/Hacking
Additional Resources



White Papers & Webcasts
The Tangled Web: Silent Threats & Invisible Enemies
Download Now
Data in Action: Making the Planet Smarter
Register Now
Email Archiving: A Business-Critical Application
Get this paper now!
Gene Kim's Practical Steps to Achieve and Maintain NERC Compliance
Learn seven steps operators can take to meet IT configuration requirements set forth in the NERC-CIP standards.
The Workday User Experience Video
Watch Workday's Creative Director, Scott Lietzke, discuss the business-centered design philosophy at Workday.
Not Just Words: Enforce Your Email and Web Acceptable Usage Policies
Get this paper now!
Business Process Framework Demo
Learn about Configurable Business Processes and Calculated Fields. Watch Now!
The New World of eCrime: Targeted Brand Attacks and How to Combat Them
Download This Whitepaper Now!
Manager Experience Demo
Go beyond self-service solutions to perform more effectively. Watch Now.

